By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Content filtering typically means a mix of antivirus and antispam software, and a variety of e-mail, IM, Web and URL filters. Aladdin Knowledge Systems eSafe 4.0 manages these tasks in one gateway filtering system that examines network traffic for malicious code and inappropriate content. It strips out offending content or blocks suspicious connections entirely.

eSafe can launch in an hour with a default filtering configuration, which blocks VBScript and JavaScript, and performs HTML page filtering based on keywords and phrases, such as "adult toys." It's a quick startup that adds significant value, considering the diverse functionality. But most enterprises will want to put in a few hours tweaking environment-specific rules to address the nuances of their acceptable use policies, such as a sports organization enabling access to espn.com.

Aladdin Knowledge Systems eSafe 4.0 content filtering system combines several content analysis technologies into a single system. When eSafe detects malicious code, it allows you to block or quarantine the offending content. Filters are first divided by protocol (HTTP, FTP and SMTP) and then by action (scan vs. block). The appliance is configurable for several purposes, from a router that sits between the firewall and an internal network to a firewall support system residing in the DMZ. An intuitive wizard guides security managers through the basic configuration, and to less commonly used settings, such as editing the list of keywords for the spam filter.

More Information

Learn what fundamental questions you should ask when evaluating content-filtering solutions for your enterprise.

eSafe runs autonomously once the content filters are configured, and users can schedule automatic updates for virus definitions and the software. It integrates with existing technology via the Content Vectoring Protocol, to work directly with firewalls such as Check Point FireWall-1. Its mail filters provide native support for Microsoft Exchange servers, and it can filter and forward traffic for other mail servers through its SMTP relay. eSafe also integrates with Kaspersky Labs' antivirus solution and SurfControl's URL database to enhance content filtering. However, it doesn't plug into any other third-party content filtering solutions.

eSafe's documentation and reporting are weak. You may find yourself flipping through the installation manual trying to find information that isn't where you would expect it. And its report generation is much too tedious -- a query-based process with results that lack analysis and resemble an event log. You need to build reports step by step, and can't simply double-click on an entry for detail. However, reports can be produced that sort data by infected or blocked file type or by specific policy violations, and the software does allow events to be logged to a SQL database for further analysis.

Our testing showed that eSafe can effectively manage a data load running over two T1 lines, and Aladdin claims that a single gateway can handle up to 25 Mbps of sustained traffic. Enterprises looking for an alternative to using several content-filtering tools can choose from various filters, Linux or Windows operating systems, and a software license or a preloaded server.

About the AuthorMike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles including the CISSP Prep Guide and Information Security Illuminated.

E-Handbook

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy